GitHub

A Deep Dive on the...
xz is a widely distributed package that provides lossless compression for both users and developers, and is included by default in most, if not all, Linux distributions. Created in 2009,...
GitHub Repositories Victimized Amid Supply...
In a digital landscape rife with vulnerabilities, a recent and disconcerting phenomenon has come to light. GitHub repositories, the foundation of numerous software projects, have been victimized by a devious...
Beware: WinRAR Vulnerability PoC...
A hacker recently posted a fake proof-of-concept (PoC) exploit for a previously patched WinRAR vulnerability, which is a concerning revelation. The goal of this malevolent operation was to infect unsuspecting...
Uptycs warns of fake proof-of-concept...
A fake proof-of-concept (PoC) repository has been discovered by Uptycs on GitHub to be masquerading as a legitimate PoC for CVE-2023-35829, a recently disclosed high-severity flaw in the Linux kernel....
W4SP Stealer: Why Discord Malware...
We first reported on W4SP Stealer in November in response to widespread news of a new Python supply chain attack. Unfortunately, as it so often happens, W4SP Stealer looks like...
Researchers discover thousands of GitHub...
Researchers from the Leiden Institute of Advanced Computer Science have discovered thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for vulnerabilities and malware. Various malicious programs and...
Researchers uncover “high-severity” GitHub...
Researchers from the Checkmarx Supply Chain Security team have discovered a “high-severity” vulnerability in GitHub. Using a technique known as Repo jacking, attackers could take control of a GitHub repository...